<%-- 
    Document   : login
    Created on : May 10, 2013, 3:25:04 AM
    Author     : Nam
--%>
    
<%--<%@page import="java.sql.*"%>

<%@page contentType="text/html" pageEncoding="UTF-8"%>
<%
java.sql.Statement s;
 %>--%>
<!--<!DOCTYPE html>-->
<!--<html>
    <head>
        <title>login</title>
    </head>
    <body>     
        <% 
           //String user = request.getParameter("name");
           // String pass = request.getParameter("pass");
            //boolean login = true;
            /*try {
                Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
                out.print("1");
                Connection conn = DriverManager.getConnection("jdbc:sqlserver://ANONYMOUS\\SQLEXPRESS:1433;IntegratedSecurity=true");
                out.print("2");
                String query = "SELECT * FROM THANHVIEN";
                out.print("3");
                //PreparedStatement pr = conn.prepareStatement(query);
                s = conn.createStatement();
                out.print("2");
                ResultSet rs;
                rs = s.executeQuery(query);
                out.print("before");
                while (rs.next()) {
                    out.print("after");
                    
                    String username = rs.getString("TENDANGNHAP");

                    String password = rs.getString("MATKHAU");
                    out.println("<p>"+username+"</p>");
                    out.println(password);
                    out.println(user);
                    out.println(pass);
                    if (username.equalsIgnoreCase(user) && password.equalsIgnoreCase(pass)) {
                        login = true;
                    } else {
                        login = false;
                    }
                }
                
                s.close();
                conn.close();
            } catch (Exception e) {
                System.out.println(e);
                out.print("catch");
            }

       */ %>

    </body>
</html> -->

<html>
<head><title>login</title></head>
<body>
<table>
<%@ page import="java.util.*" %>
<%@ page import="javax.sql.*;" %>
<% 

java.sql.Connection con;
java.sql.Statement s;
java.sql.ResultSet rs;
java.sql.PreparedStatement pst;

con=null;
s=null;
pst=null;
rs=null;

String url =  "jdbc:jtds:sqlserver://localhost:1433;integratedSecurity=true;";
String user = request.getParameter("name");
String password = request.getParameter("pass");
boolean login = true;

try{
Class.forName("net.sourceforge.jtds.jdbc.Driver");
con = java.sql.DriverManager.getConnection(url);
}catch(ClassNotFoundException cnfex){
cnfex.printStackTrace();

}
String sql = "SELECT * FROM THANHVIEN";
try{
s = con.createStatement();
rs = s.executeQuery(sql);
%>

<%
out.print("before");
while( rs.next() ){
    out.print("after");
%>
<% String username = rs.getString("TENDANGNHAP");

                    String passwords = rs.getString("MATKHAU");
                    out.println("<p>"+username+"</p>");
                    out.println(password);
                    if (username.equalsIgnoreCase(user) && passwords.equalsIgnoreCase(password)) {
                        login = true;
                    } else {
                        login = false;
                    }
 %>
<%
}
%>

<%

}
catch(Exception e){e.printStackTrace();
out.print("catch");}
finally{
if(rs!=null) rs.close();
if(s!=null) s.close();
if(con!=null) con.close();
}

%>

</body>
</html>